For several years now, there have plenty of scary headlines out there referencing billions in losses due to ransomware. But are those losses real or estimated? How is ransomware being defined? And why do these stories always seem to be pushed by someone selling cybersecurity software?
Insurance provider NAS has released top-level data from their 2017 cyber insurance claims that provides a realistic picture of the risks. NAS has 5% of the $2 billion annual cyber insurance market, making them a significant player in the space. They provide a couple of interesting insights into what risks companies really face.
First, ransomware is not the biggest cyber crime risk that companies face. Hacking attacks are the most expensive cause of financial loss for companies insured by NAS, just as they were in 2016. These can come from inside or outside of the company, and can include anything from data theft to a denial of service attack, which massively slows (or completely prevents) data from moving into or out of the company’s network.
Second, the IT forensic work to determine what was breached and stolen when recovering from any type of cyber attack is very expensive. The average cost grew by more than 58% in a single year, and now represents nearly half of the total of the $100,000+ average incident recovery cost.
A major takeaway from this data is that cyber-intrusion is an expensive risk. Unfortunately, while it does help minimize risk, being careful about which attachments you open and which emails you click is not enough to completely protect you against cyber attacks. Your HR team needs to be careful about which candidates are offered positions. Your IT team needs to be careful with how networks are configured. And everyone at your office needs to be careful to avoid social engineering techniques. In short, it’s continued training and constant vigilance, not just software, that has the biggest impact on reducing the risk of cyber-intrusion.
To learn more about how WingSwept can help your organization improve efficiency and mitigate risk, call us at 919-779-0954 or email us at Team_WingSwept@WingSwept.com.